Пример #1
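def login():
    """Log in a registered user by adding the user id to the session.

    On POST, the ``username`` form field is looked up as ``client.email``
    and the submitted password is compared with the stored value. On
    success the session is reset and ``user_id`` is stored in it; on
    failure a single generic error is flashed and the login form is
    rendered again. GET requests only render the form.
    """
    # Function-scope import: only this view needs the constant-time compare.
    import hmac

    if request.method == 'POST':
        email = request.form['username']
        password = request.form['password']
        db = get_db()
        error = None

        user = db.execute('SELECT * FROM client WHERE email=?',
                          (email, )).fetchone()

        # NOTE(review): the submitted password is compared directly with
        # client.password, so that column appears to hold plaintext
        # passwords. Store salted hashes instead (for example Werkzeug's
        # generate_password_hash / check_password_hash) and migrate the
        # existing rows; that change is outside this function.
        stored = None if user is None else user['password']
        password_ok = (
            isinstance(stored, str)
            # compare_digest does not stop at the first differing byte, so
            # response time does not reveal how much of the password matched.
            and hmac.compare_digest(password.encode('utf-8'),
                                    stored.encode('utf-8'))
        )

        if not password_ok:
            # One message for both "unknown e-mail" and "wrong password":
            # distinct messages let a visitor test which addresses are
            # registered.
            error = 'Invalid email or password'

        if error is None:
            # Clear the old session before storing the user id so data from
            # before the login does not carry over into the new session.
            session.clear()
            session['user_id'] = user['id']
            flash('Welcome, ' + user['name'] + '!')
            return redirect(url_for('index'))

        flash(error)

    return render_template('auth/login.html')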
Пример #2
def cart():
    """Render the payment page for the product posted in the form.

    Reads ``price``, ``amount`` and ``product_id`` from the form, loads the
    session user's contact data and unused coupons, and, when the form
    carries a ``discount`` field, computes ``dc_sum`` from the posted
    mileage and the selected coupon.

    Every local variable of this function, including the ``db`` handle, is
    passed to the template through ``**locals()``, so the local names are
    part of the template contract.
    """
    # NOTE(review): the price is taken from the request form, not looked up
    # from the product table, so the client controls the amount shown here.
    price_sum = float(request.form['price'])
    amount = request.form['amount']
    product_id = request.form['product_id']
    # session.get() yields None when nobody is logged in; no login check is
    # visible in this function.
    username = session.get('user_id')
    db = get_db()

    # [0] raises IndexError when no client row matches the session user id.
    client_info = db.execute('SELECT name,phone,address,mileage FROM client WHERE id = ?', (username,)).fetchall()[0]

    # Coupons owned by this user that are not yet marked as used.
    coupon_list = db.execute('SELECT a.name, a.coupon_id, a.discount FROM coupon a, coupon_list b '
                             'WHERE a.coupon_id=b.coupon_id AND user_id = ? AND b.used=0', (username,)).fetchall()
    dc_sum = 0.0
    select_coupon = 0
    discount = request.form.get('discount')

    mileage = 0
    coupon_discount = 0
    if discount is not None:
        # NOTE(review): the posted mileage is not compared with the balance
        # loaded into client_info above.
        mileage = int(request.form['mileage'])
        select_coupon = int(request.form['coupon_list'])
        if select_coupon != 0:
            # NOTE(review): this lookup filters on coupon_id only; it does
            # not check that the coupon belongs to this user or is unused.
            # fetchone()[0] raises TypeError for an unknown coupon id.
            coupon_discount = db.execute('SELECT discount FROM coupon '
                                         'WHERE coupon_id = ?', [select_coupon]).fetchone()[0]
        # Discount amount: the price minus what remains after subtracting
        # mileage*0.001 and applying the coupon percentage.
        dc_sum = price_sum - (price_sum-mileage*0.001) * (100-coupon_discount)/100

    return render_template('payment/payment.html', **locals())
Пример #3
def delete_item():
    """Remove one product from the session user's ``my_list`` rows.

    The raw request body is parsed as the integer product id. A missing
    ``user_id`` in the session raises ``KeyError`` and a non-numeric body
    raises ``ValueError``; neither is handled here.
    """
    owner_id = session['user_id']
    product_id = int(request.data)
    conn = get_db()
    # The user_id condition limits the delete to the caller's own rows.
    conn.execute('DELETE FROM my_list WHERE product_id = ? and user_id = ?',
                 (product_id, owner_id))
    conn.commit()
    return jsonify(result="success")
Пример #4
def load_logged_in_user():
    """Populate ``g.user`` from the ``user_id`` stored in the session.

    ``g.user`` is ``None`` when the session has no user id; otherwise it is
    the matching ``client`` row (or ``None`` if that row no longer exists).
    """
    current_id = session.get('user_id')
    g.user = (
        None
        if current_id is None
        else get_db().execute('SELECT * FROM client WHERE id=?',
                              (current_id, )).fetchone()
    )
Пример #5
def my_list():
    """Render the session user's saved products (``my_list``).

    Raises ``KeyError`` when the session holds no ``user_id``; no login
    check is visible in this function.
    """
    owner_id = session['user_id']
    conn = get_db()

    rows = conn.execute(
        'SELECT name, product_id FROM product WHERE product_id IN '
        '(SELECT product_id FROM my_list WHERE user_id = ?)',
        (owner_id, )).fetchall()

    # Convert each row into the {name, id} mapping handed to the template.
    lists = []
    for row in rows:
        lists.append({'name': row[0], 'id': row[1]})

    return render_template('cart/my_list.html', lists=lists)
Пример #6
def delete(id):
    """Delete the post with the given id and return to the blog index.

    ``get_post`` is called first and only for its checks; its return value
    is discarded. The delete statement itself filters on the post id alone,
    so that call is the only authorization step in this view.
    """
    # Must stay ahead of the DELETE: this is the existence/author check.
    get_post(id)

    conn = get_db()
    conn.execute('DELETE FROM post WHERE id = ?', (id, ))
    conn.commit()

    index_url = url_for('blog.index')
    return redirect(index_url)
Пример #7
def searchDC(category=None):
    """Render the discounted-products page.

    With a category, the product list comes from
    ``SearchManager.searchSale``; without one, every product whose
    ``dc_rate`` exceeds 10 is listed, highest discount first.
    """
    # The connection is obtained up front in both cases.
    db = get_db()

    if category is None:
        products = db.execute(
            'SELECT * FROM product WHERE dc_rate >10 ORDER BY dc_rate DESC  '
        ).fetchall()
    else:
        products = SearchManager().searchSale(category)

    return render_template('search/searchDC.html',
                           category=category,
                           products=products)
Пример #8
def coupon_list():
    """Render all coupons together with the ones this user has already used.

    ``session.get`` yields ``None`` for a visitor without a session user, in
    which case the per-user query simply matches that ``None`` value.
    """
    owner_id = session.get('user_id')
    conn = get_db()

    every_coupon = conn.execute('SELECT * FROM coupon').fetchall()

    # used = 1 selects the coupons the user has already redeemed.
    used_flag = 1
    redeemed = conn.execute(
        'SELECT coupon_id FROM coupon_list '
        'WHERE used = ? AND user_id = ? ',
        (used_flag, owner_id)).fetchall()

    return render_template('coupon/coupon_list.html',
                           lists=every_coupon,
                           my_coupon_list=redeemed)
Пример #9
def searchHOTDEAL(category=None):
    """Render the hot-deal page.

    With a category, the product list comes from
    ``SearchManager.searchHotdeal``; without one, every product whose
    ``sales_num`` exceeds 10 is listed, best seller first.
    """
    # The connection is obtained up front in both cases.
    db = get_db()

    if category is None:
        products = db.execute(
            'SELECT * FROM product WHERE sales_num >10 ORDER BY sales_num DESC  '
        ).fetchall()
    else:
        products = SearchManager().searchHotdeal(category)

    return render_template('search/searchHOTDEAL.html',
                           category=category,
                           products=products)
Пример #10
def add_item():
    """Add a product to the session user's cart unless it is already there.

    Expects a JSON body with ``ID`` (product id) and ``AMT`` (quantity) and
    always answers with ``result="success"`` plus a message.
    """
    owner_id = session['user_id']
    payload = request.json

    conn = get_db()
    existing = conn.execute(
        'SELECT product_id, quantity FROM cart_list WHERE user_id=? and product_id=?',
        (owner_id, payload['ID'])).fetchone()

    if existing is not None:
        # Message: "This product is already in the cart".
        return jsonify(result="success", msg="장바구니에 이미 존재하는 제품입니다")

    # NOTE(review): AMT is stored as received; no type or range check
    # (for example a positive integer) is applied in this function.
    conn.execute(
        'INSERT INTO cart_list (user_id, product_id, quantity) VALUES(?,?,?)',
        (owner_id, payload['ID'], payload['AMT']))
    conn.commit()
    # Message: "Added to the cart".
    return jsonify(result="success", msg="장바구니에 추가되었습니다")
Пример #11
def create():
    """Create a new post for the current user.

    GET renders the form. POST requires a non-empty title; the post is
    stored with ``g.user['id']`` as its author and the client is redirected
    to the blog index.
    """
    if request.method != 'POST':
        return render_template('blog/create.html')

    title = request.form['title']
    body = request.form['body']

    if not title:
        flash('Title is required.')
        return render_template('blog/create.html')

    conn = get_db()
    # The author id comes from the server-side g.user, not from the form.
    conn.execute(
        'INSERT INTO post (title, body, author_id)'
        ' VALUES (?, ?, ?)', (title, body, g.user['id']))
    conn.commit()
    return redirect(url_for('blog.index'))
Пример #12
def update(id):
    """Update a post if the current user is the author.

    ``get_post`` runs before anything else, for GET as well as POST; the
    UPDATE statement itself filters on the post id only, so that call is
    the authorization step.
    """
    post = get_post(id)

    if request.method != 'POST':
        return render_template('blog/update.html', post=post)

    title = request.form['title']
    body = request.form['body']

    if not title:
        flash('Title is required.')
        return render_template('blog/update.html', post=post)

    conn = get_db()
    conn.execute('UPDATE post SET title = ?, body = ? WHERE id = ?',
                 (title, body, id))
    conn.commit()
    return redirect(url_for('blog.index'))
Пример #13
def cart_list():
    """Render the session user's cart with a discounted total price.

    Two queries over the same join are issued: one for the total, one for
    the rows shown in the template. Raises ``KeyError`` when the session
    holds no ``user_id``.
    """
    owner_id = session['user_id']
    conn = get_db()

    price_rows = conn.execute(
        'SELECT A.price, A.dc_rate, B.quantity FROM product A '
        'LEFT JOIN cart_list B ON A.product_id = B.product_id WHERE B.user_id = ?',
        (owner_id, )).fetchall()

    # Per line: unit price after the percentage discount, rounded to two
    # decimals, multiplied by the quantity. Accumulated in row order.
    totalprice = 0
    for price, dc_rate, quantity in price_rows:
        discounted = round(price * ((100.0 - dc_rate) / 100.0), 2)
        totalprice += discounted * quantity

    detail_rows = conn.execute(
        'SELECT A.name, A.price, A.product_id, A.dc_rate, B.quantity FROM product A '
        'LEFT JOIN cart_list B ON A.product_id = B.product_id WHERE B.user_id = ?',
        (owner_id, )).fetchall()

    lists = []
    for row in detail_rows:
        lists.append({
            'name': row[0],
            'price': row[1],
            'id': row[2],
            'dc': row[3],
            'quantity': row[4],
        })

    return render_template('cart/cart_list.html',
                           lists=lists,
                           totalprice=totalprice)
Пример #14
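def add_coupon():
    """Add the coupon selected in the form to the session user's coupons.

    The posted ``coupon_id`` must be an integer that exists in the
    ``coupon`` table. If the user already owns the coupon, a message says
    whether it was used or is still available and nothing is inserted.
    Every path ends with a redirect to the coupon list.
    """
    username = session.get('user_id')
    # NOTE(review): session.get() yields None for a visitor who is not
    # logged in and no login check is visible here; confirm that one is
    # applied outside this function.
    db = get_db()
    select_coupon = request.form['coupon_id']

    # Validate the client-supplied id before it reaches any INSERT.
    try:
        wanted_id = int(select_coupon)
    except ValueError:
        flash('Invalid coupon.')
        return redirect('coupon/coupon_list')

    coupon_name = db.execute('SELECT name FROM coupon WHERE coupon_id=?',
                             [select_coupon]).fetchone()
    if coupon_name is None:
        # Previously an unknown id was inserted and committed, and only the
        # flash() below failed on coupon_name[0].
        flash('Invalid coupon.')
        return redirect('coupon/coupon_list')

    my_coupon_list = db.execute(
        'SELECT coupon_id,used FROM coupon_list WHERE user_id=?',
        [username]).fetchall()

    for coupon in my_coupon_list:
        # Value comparison: `is` on ints tests object identity, which only
        # happens to hold for small cached integers, so larger coupon ids
        # slipped past the duplicate check.
        if int(coupon[0]) == wanted_id:
            if coupon[1] == 1:
                flash(coupon_name[0] + ' coupon already used.')
            else:
                flash('already have ' + coupon_name[0] + ' coupon.')
            return redirect('coupon/coupon_list')

    db.execute('INSERT into coupon_list(user_id,coupon_id) values(?,?)',
               (username, select_coupon))
    db.commit()

    flash(coupon_name[0] + '  coupon added.')
    return redirect('coupon/coupon_list')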
Пример #15
def get_post(id, check_author=True):
    """Fetch a post together with its author's username.

    This is where post ownership is enforced: with ``check_author`` left at
    its default, a post whose ``author_id`` differs from ``g.user['id']``
    is refused.

    :param id: id of post to get
    :param check_author: require the current user to be the author
    :return: the post with author information
    :raise 404: if a post with the given id doesn't exist
    :raise 403: if the current user isn't the author
    """
    query = (
        'SELECT p.id, title, body, created, author_id, username'
        ' FROM post p JOIN user u ON p.author_id = u.id'
        ' WHERE p.id = ?'
    )
    post = get_db().execute(query, (id, )).fetchone()

    if post is None:
        abort(404, "Post id {0} doesn't exist.".format(id))

    if check_author:
        is_author = post['author_id'] == g.user['id']
        if not is_author:
            abort(403)

    return post
Пример #16
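def result():
    """Finalize a purchase and render the payment result page.

    ``amount == 0`` means the order comes from the cart: every cart line is
    checked against stock, one ``payment`` row and one ``payment_detail``
    row per line are written, stock is reduced and the cart is emptied.
    Any other amount is a direct purchase of ``product_id``. Afterwards the
    user's mileage is updated, the selected coupon is marked used and a
    delivery is registered through ``ManageOrder.addDelivery``.

    Every local variable, including the ``db`` handle, is passed to the
    template through ``**locals()``, so local names are kept as they were.

    NOTE(review): ``price``, ``dc_price``, ``mileage``, ``mileage_used``
    and ``coupon_id`` are read from the request form and written to the
    database without being recomputed or checked on the server. A client
    that alters the form decides the paid amount and its own mileage
    balance. Closing this requires deriving totals, coupon ownership and
    the mileage balance from the database instead of the form.
    """
    db = get_db()
    username = session.get('user_id')
    amount = int(request.form['amount'])
    product_id = request.form['product_id']

    # NOTE(review): the id of the payment row inserted below is predicted as
    # "highest existing id + 1", not read back from the INSERT; two
    # concurrent checkouts can compute the same value.
    cur_payment_id=db.execute('SELECT exists(select * from payment where payment_id = 1)').fetchall()[0][0]
    if cur_payment_id == 1:
        cur_payment_id = int(db.execute('SELECT payment_id FROM payment ORDER BY payment_id DESC LIMIT 1').fetchone()[0])+1
    else :
        cur_payment_id = 1

    # Order placed from the cart.
    if amount == 0:
        # Row layout: 0=price, 1=dc_rate, 2=product_id, 3=quantity, 4=stock.
        cart_list = db.execute('SELECT a.price, a.dc_rate,a.product_id, b.quantity,a.stock FROM product a, cart_list b '
                               'WHERE a.product_id = b.product_id AND user_id = ?', (username,)).fetchall()

        # Refuse the whole order if any line exceeds the available stock.
        for products in cart_list:
            if products[4]-products[3] < 0:
                return render_template('payment/payment_result.html', payment_success=False)
        db.execute('INSERT INTO payment (price, name, phone, address, discount_price) VALUES(?, ?, ?, ?, ?)',
                   (request.form['price'], request.form['name'], request.form['phone'],
                    request.form['address'], request.form['dc_price']))
        db.commit()
        for products in cart_list:
            # The discount uses dc_rate (index 1). The earlier code used
            # index 2, the product id, as the percentage.
            db.execute('INSERT INTO payment_detail (payment_id,product_id,quantity,price,total_sum) VALUES(?,?,?,?,?)',
                       (cur_payment_id,
                        products[2],
                        products[3],
                        products[0] * ((100.0-products[1])/100.0),
                        products[0] * ((100.0-products[1])/100.0)*products[3]))
            db.execute('UPDATE product SET stock = ? WHERE product_id = ?',
                       (products[4] - products[3], products[2]))
        db.execute('DELETE FROM cart_list WHERE user_id = ?', (username,))
    # Direct purchase that did not go through the cart.
    else:
        product_info= db.execute('SELECT stock,price,dc_rate FROM product WHERE product_id = ?', (product_id,)).fetchone()
        if product_info is None:
            # Unknown product id: fail the payment instead of raising.
            return render_template('payment/payment_result.html', payment_success=False)
        stock = product_info[0]

        price = product_info[1] * ((100.0-product_info[2])/100.0)

        # A negative amount would pass "stock < amount" and then increase
        # stock in the UPDATE below, so it is rejected as well.
        if amount < 0 or stock < amount:
            return render_template('payment/payment_result.html', payment_success=False)

        db.execute('INSERT INTO payment (price, name, phone, address, discount_price) VALUES(?, ?, ?, ?, ?)',
                   (request.form['price'], request.form['name'], request.form['phone'],
                    request.form['address'], request.form['dc_price']))
        db.commit()

        db.execute('INSERT INTO payment_detail (payment_id,product_id,quantity,price,total_sum) VALUES(?,?,?,?,?)',(cur_payment_id,product_id,amount,price,amount*price))
        db.execute('DELETE FROM my_list WHERE user_id = ? AND product_id = ? ',(username,product_id))
        db.execute('UPDATE product SET stock = stock - ?, sales_num = sales_num + ? '
                   'WHERE product_id = ?', (amount, amount, product_id))

    # NOTE(review): all three mileage inputs come from the form; the balance
    # written back is not derived from client.mileage in the database.
    mileage_used = int(request.form['mileage_used'])
    mileage_add = int(float(request.form['dc_price']))*10
    mileage = int(request.form['mileage']) - mileage_used + mileage_add
    db.execute('UPDATE client SET mileage = ? WHERE id = ?', (mileage, username))
    coupon_id = int(request.form['coupon_id'])
    # Value comparison; `is not 0` tested object identity.
    if coupon_id != 0:
        db.execute('UPDATE coupon_list SET used = ? WHERE user_id = ? AND coupon_id = ? ', (1, username, coupon_id))
    controller = ManageOrder()
    controller.addDelivery(username,cur_payment_id)
    db.commit()

    return render_template('payment/payment_result.html', payment_success=True, **locals())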
Пример #17
def product_info(product_id):
    """Render the detail page for one product.

    ``product`` is ``None`` in the template when no row has the given id.
    """
    conn = get_db()
    lookup = conn.execute('SELECT * FROM product WHERE product_id = ?',
                          (product_id,))
    product = lookup.fetchone()
    return render_template('product/product_info.html', product=product)
Пример #18
 def __init__(self):
     """Store the handle returned by ``db.get_db()`` on the instance."""
     connection = db.get_db()
     self.db = connection